My company is going through PCI Compliance right now and we have an issue. We have our domain www.ourdomain.com for example and our server locally (it's really just a workstation in our workgroup) that we download our orders to. It also downloads credit card information, customer information, etc. We got a response from our PCI scan saying that port 443 doesn't have a trusted SSL cert because it's self signed by our Sonicwall. We use LogMeIn on this port and must have it.

We purchased a SSL certificate from GoDaddy but when generating the CSR request from our Sonicwall we used our WAN IP from the Sonicwall as the Common Name. GoDaddy says you can't use IANA IPs as the CN any longer and that you have to have a domain name associated with it. Does anyone know what I should do here? The GoDaddy site says we can check a box that says it will be used on an internal network but I don't think they will be able to verify the cert that way when they do the port scan. Any advice would be greatly appreciated.

-Chris

__________________
"I like to think there are three measures of a man: How much steak he can eat in one sitting, how full his mustache is and how quickly he can whittle a spear in the event of the apocalypse." - Ron Swanson